Goodies released with Trustwave SWG Security Update 141

As cliché as it may sound, security is done in layers and so, using our generic rules, we were able to provide 0-day protection against the recent Internet Explorer 0-day CVE-2012-4792 with our Secure Web Gateway (SWG). You can read more in our previous blog posts:exploit analysis and payload analysis.

With today's release of Security Update 141 for SWG we areadding detection rule which is specific to CVE-2012-4792, named "InternetExplorer CDwnBindInfo Object use-after-free vulnerability". This rule willprovide another layer of defense against exploits of this vulnerability.

TURKTRUST Inc., a trusted CA, has incorrectly created two subsidiary certificates which one of them was later used to generate a fraudulent digital certificate of Google. That certificatewas then used in an active attack. As a result, SU141 is removing SWG trust of the following certificates: